<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
	xmlns:th="http://www.thymeleaf.org"
	xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
	xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity3"
	layout:decorator="layout">

<head>
<title>User Home</title>
</head>
<body>
	<div layout:fragment="content">
		<p>
			Welcome <span sec:authentication="principal.username">User</span>
		</p>
		<p>
			<a th:href="@{/logout}">Logout</a>
		</p>

		<div sec:authorize="hasRole('ROLE_ADMIN')">
			<h3>You will see this only if you are ADMIN</h3>
			<p>
				<a th:href="@{/admin/home}">Admin Home</a>
			</p>
		</div>
		<h3>Form with CSRF Token</h3>
		<form th:action="@{/messages}" method="post">
			<textarea name="content" cols="50" rows="5"></textarea>
			<br>
			<input type="submit" value="Submit" />
		</form>

		<div>
		<br>
			<div class="panel panel-default">
				<div class="panel-heading">
					Messages
				</div>

				<p th:each="msg: ${msgs}" th:text="${msg.content}"></p>
			</div>

		</div>
	</div>

</body>

</html>